ISACA will be offering a new risk-related certification in April 2010. The Certified in Risk and Information Systems Control™ (CRISC™) designation is designed for IT professionals who identify and manage risks through the development, implementation and maintenance of appropriate information systems (IS) controls to help enterprises accomplish business objectives, such as effective and efficient operations, reliable financial reporting, and compliance with relevant regulatory and legislative requirements.

* While CISA <http://www.isaca.org/cisa> is designed for IT professionals who perform independent reviews of control design and operational effectiveness, CRISC is for IT and business professionals who design, implement and maintain IS controls. * While CISM <http://www.isaca.org/cism> is for individuals who manage, design, oversee and/or assess an enterprise’s information security, including the identification and management of information security risks, CRISC is for IT professionals whose roles also encompass operational and compliance considerations. * While CGEIT <http://www.isaca.org/cgeit> is for IT and business professionals who have a significant management, advisory or assurance role relating to the governance of IT, including risk management, CRISC is for the IT and business professionals who are engaged at an operational level to mitigate risk.

A grandfathering program, through which experienced professionals can obtain the certification without taking the exam, will open in April. The first CRISC exam will be held in 2011.

Click here <http://www.isaca.org/crisc> to learn more about this latest certification from ISACA.

è A minimum of 3 years of work experience performing the tasks described in the CRISC job practice is required for certification. There will be no substitutions or experience waivers.

è More details on the job practice areas for the above 5 domains is forthcoming in April.

not too sure, it cost like USD499 for the grand-fathering program, if you not successful in applying - USD100 for the admin charges. you get back USD399. so unless you're into doing most of the domains that are required, then do consider, otherwise, if it's not related, I'm not sure if it's worth that $$$ unless your company don't mind paying it for you.

Also membership is USD130 per year, maintenance fee is USD40, so total you have to cough up USD170 per year if you're certified. ::)

anyway, no harm trying.

Last edited by kennut on Tue Jun 01, 2010 11:01 am, edited 1 time in total.